X-Git-Url: http://git.harvie.cz/?a=blobdiff_plain;f=wwwroot%2Finc%2Feventz%2Fupload_data_file.inc;h=3af0a9381d2c6d094fcbc8f8a428dd0f44e14454;hb=8fc54d8f71a9ba9526cd396fe8f5c6f4764fb6c3;hp=6a8f0b39882eb2da3ecc0eb979f38bb929f18f7d;hpb=51ff32267c4949bad6a8dddc502cbc01ed56edc8;p=mirrors%2FKyberia-bloodline.git

diff --git a/wwwroot/inc/eventz/upload_data_file.inc b/wwwroot/inc/eventz/upload_data_file.inc
index 6a8f0b3..3af0a93 100644
--- a/wwwroot/inc/eventz/upload_data_file.inc
+++ b/wwwroot/inc/eventz/upload_data_file.inc
@@ -1,70 +1,89 @@
 <?php
-	function upload_data_file() {
 
-		global $db,$error,$node;
+function upload_data_file() {
+	// XXX sec. bug over sec. bug
 
-if (($node['node_permission']!='owner') && ($node['node_permission']!='master')) {
-$error=$error_messages['EVENT_PERMISSION_ERROR'];
-return false;
-}
+	global $db,$error,$node;
 
-		$node_id=$node['node_id'];
-		$node_template=$_POST['node_template'];
-		require(SYSTEM_ROOT.'/inc/filez.inc');
-		$suffix = array_pop(explode('.', basename($_FILES['data_file']['name'])));
-	        if (!is_dir(FILE_DIR.$_SESSION['user_id'])) {
-       		         mkdir(FILE_DIR.$_SESSION['user_id']);
-       		}
+	require(INCLUDE_DIR.'filez.inc');
 
-		if ($suffix=='zip' && $_POST['unzip']) {
-			mkdir(TMP."/".$_FILES['data_file']['name']);
-			$cmd="unzip ".$_FILES['data_file']['tmp_name']." -d ".TMP."/".$_FILES['data_file']['name'];
-			shell_exec($cmd);
-			$handle=opendir(TMP."/".$_FILES['data_file']['name']);
+	if (($node['node_permission']!='owner') && 
+	    ($node['node_permission']!='master')) {
+		$error=$error_messages['EVENT_PERMISSION_ERROR'];
+		return false;
+	}
 
-			while (($file = readdir($handle))!==false) {
-				if ($file!="." && $file!="..") {
-					$node_params['node_name']=$file;
-					$node_params['node_creator']=$_SESSION['user_id'];
-					if ($_POST['gallery']) $node_params['template_id']="1041658";
-					else $node_params['template_id']=12;
-					$node_params['node_parent']=$node['node_id'];
+	$node_id=$node['node_id'];
+	filez::upload_data_file($node_id);	
+/*
+	if ($suffix=='zip' && $_POST['unzip']) {
+		mkdir(TMP."/".$_FILES['data_file']['name']);
 
-					$node_params['node_content']=$file;
-					$datanode_id=nodes::addNode($node_params);
-					$file_suffix = array_pop(explode('.', basename($file)));
-					copy(TMP."/".$_FILES['data_file']['name']."/".$file,FILE_DIR.$_SESSION['user_id'].'/'.$datanode_id.".$file_suffix");
-					symlink(FILE_DIR.$_SESSION['user_id'].'/'.$datanode_id.".$file_suffix",SYSTEM_ROOT.'/files/'.$datanode_id);
-					if ($_POST['gallery']) {
-						$image=TMP."/".$_FILES['data_file']['name']."/".$file;
-						$image_name=$file;
-						$width=NODE_IMAGE_WIDTH;
+		// directory traversal si dissabled by default from zip v 5.50
+		$cmd="unzip ".$_FILES['data_file']['tmp_name']." -d "
+			.TMP."/".$_FILES['data_file']['name'];
 
-						if (stristr($image_name,".jpg") || stristr($image_name,".jpeg") ){
-		        			        $cmd=UTILZ_DIR."/jpegtopnm  $image |".UTILZ_DIR."/pnmscale -width=$width | ".UTILZ_DIR."ppmquant 256 |".UTILZ_DIR."ppmtogif >".SYSTEM_ROOT."images/nodes/".substr($datanode_id,0,1)."/".substr($datanode_id,1,1)."/".$datanode_id.".gif";
-						}
-					        elseif (stristr($image_name,".gif")) {
-			        		        $cmd=UTILZ_DIR."/gifsicle --resize ".$width."x_ $image > ".SYSTEM_ROOT."images/nodes/".substr($datanode_id,0,1)."/".substr($datanode_id,1,1)."/".$datanode_id.".gif";
-				        	}
-						if ($cmd) {
-							shell_exec($cmd);
-						}
+		shell_exec($cmd);
+		$handle=opendir(TMP."/".$_FILES['data_file']['name']);
 
-echo $cmd;
-				}
+		// XXX move this mess into a function
+		while (($file = readdir($handle))!==false) {
+			if ($file!="." && $file!="..") {
 
+				// Need to check extenstions of all extracted files
+				if ( !filez::filename_secure($_FILES['data_file']['file'])) {
+					$error = 'ale ale, kto nam to tady loupe pernicek.. ';
+					return false;
 				}
-			}
-			closedir($handle);
-die();
-		}
 
-		else {
-			copy($_FILES['data_file']['tmp_name'],FILE_DIR.$_SESSION['user_id'].'/'.$node['node_id'].".$suffix");
-			symlink(FILE_DIR.$_SESSION['user_id'].'/'.$node['node_id'].".$suffix",SYSTEM_ROOT.'/files/'.$node['node_id']);
-		}
+				$node_params['node_name']=$file;
+				$node_params['node_creator']=$_SESSION['user_id'];
+				$node_params['template_id']=DEF_DATA_TEMPLATE;
+				$node_params['node_parent']=$node['node_id'];
+
+				$node_params['node_content']=$file;
+				$datanode_id=nodes::addNode($node_params);
+				$file_suffix = array_pop(explode('.', basename($file)));
+				copy(TMP."/".$_FILES['data_file']['name']."/".$file,
+				     FILE_DIR.$_SESSION['user_id'].'/'.$datanode_id.".$file_suffix");
+				symlink(FILE_DIR.$_SESSION['user_id'].'/'.$datanode_id.".$file_suffix",
+					SYSTEM_ROOT.'/files/'.$datanode_id);
 
+# Removed for now, need complete rewrite
 
+#				if ($_POST['gallery']) {
+#					$node_params['template_id']=DEF_GALLERY_TEMPLATE;
+#					$image=TMP."/".$_FILES['data_file']['name']."/".$file;
+#					$image_name=$file;
+#					$width=NODE_IMAGE_WIDTH;
+#
+#					if (stristr($image_name,".jpg") || 
+#					    stristr($image_name,".jpeg") ){
+#						
+#						/// XXX UTILZ_DIR is not set. remove?
+#						$cmd=UTILZ_DIR."/jpegtopnm  $image |".UTILZ_DIR."/pnmscale -width=$width | ".UTILZ_DIR."ppmquant 256 |".UTILZ_DIR."ppmtogif >".SYSTEM_ROOT.SYSTEM_IMAGES.'/nodes/'.substr($datanode_id,0,1)."/".substr($datanode_id,1,1)."/".$datanode_id.".gif";
+#					}
+#					elseif (stristr($image_name,".gif")) {
+#						$cmd=UTILZ_DIR."/gifsicle --resize ".$width."x_ $image > ".SYSTE_ROOT.SYSTEM_IMAGES.'/nodes/'.substr($datanode_id,0,1)."/".substr($datanode_id,1,1)."/".$datanode_id.".gif";
+#					}
+#					if ($cmd) {
+#						shell_exec($cmd);
+#					}
+#					// XXX WTF
+#					echo $cmd;
+#				}
+			}
 		}
+		closedir($handle);
+		die();
+	}
 
-?>
\ No newline at end of file
+	else {
+		copy($_FILES['data_file']['tmp_name'],
+			FILE_DIR.$_SESSION['user_id'].'/'.$node['node_id'].".$suffix");
+		symlink(FILE_DIR.$_SESSION['user_id'].'/'.$node['node_id'].".$suffix",
+			FILE_DIR.'/'.$node['node_id']);
+	}
+*/
+}
+?>